import jwt_decode from 'jwt-decode';

class JwtSsoSdk {
    constructor(secretKey, issuer, audience) {
        this.secretKey = secretKey;
        this.issuer = issuer;
        this.audience = audience;
    }

    setToken(token) {
        localStorage.setItem('jwt_token', token);
    }

    getToken() {
        return localStorage.getItem('jwt_token');
    }

    removeToken() {
        localStorage.removeItem('jwt_token');
    }

    validateToken(token) {
        try {
            const decoded = jwt_decode(token);
            if (decoded.iss !== this.issuer || decoded.aud !== this.audience) {
                return null;
            }
            return {
                user_id: decoded.user_id,
                role_id: decoded.role_id,
                name: decoded.name
            };
        } catch (error) {
            return null;
        }
    }

    getAuthHeader() {
        const token = this.getToken();
        return token ? { Authorization: `Bearer ${token}` } : {};
    }
}

export default JwtSsoSdk;